class Users::RegistrationsController < Devise::RegistrationsController
  layout 'users'
# before_filter :configure_sign_up_params, only: [:create]
# before_filter :configure_account_update_params, only: [:update]

  # GET /resource/sign_up
  def new
    config = Config.where(name: 'login_ad').take
    @ad_image = config.file.url if config.file
    super
  end

  # POST /resource
  # def create
  #   super
  # end

  # GET /resource/edit
  # def edit
  #   super
  # end

  # PUT /resource
  # def update
  #   super
  # end

  # DELETE /resource
  # def destroy
  #   super
  # end

  # GET /resource/cancel
  # Forces the session data which is usually expired after sign
  # in to be expired now. This is useful if the user wants to
  # cancel oauth signing in/up in the middle of the process,
  # removing all OAuth session data.
  # def cancel
  #   super
  # end

  # protected

  # If you have extra params to permit, append them to the sanitizer.
  # def configure_sign_up_params
  #   devise_parameter_sanitizer.for(:sign_up) << :attribute
  # end

  # If you have extra params to permit, append them to the sanitizer.
  # def configure_account_update_params
  #   devise_parameter_sanitizer.for(:account_update) << :attribute
  # end

  # The path used after sign up.
  # def after_sign_up_path_for(resource)
  #   super(resource)
  # end

  # The path used after sign up for inactive accounts.
  # def after_inactive_sign_up_path_for(resource)
  #   super(resource)
  # end


  def create
    if request.env["HTTP_ACCEPT"] == 'application/json'
      json_create
    else
      html_create
    end
  end


  # POST 手机创建帐户
  def json_create
    # 检查是否有对应的验证码
    sv = SmsVerification.where(mobile: params[:user][:mobile], 
                        code: params[:code],
                        validated_at: nil,
                        created_at: (Time.now - 20.minutes)..Time.now).order(created_at: :desc).take
    # 检查该手机是否已经注册过
    u = User.find_by_mobile(params[:user][:mobile])
    respond_to do |format|
      # 如果证实了该用户的身份
      # 看是否是登录还是注册动作
      if u
        #帐户已存在
        format.json  { head :bad_request }
      elsif sv
        #验证码输入正确
        #注册
        u = User.new
        u.mobile = params[:user][:mobile]
        u.password = params[:user][:password]
        u.save
        # u.create_money_account
        sign_in(resource_name, u)
        sv.expire
        #build_resource(sign_up_params)
        #resource.save
        #yield resource if block_given?
        #sign_in(resource_name, resource)
        format.json  { render json: current_user.to_json(methods: [:credit_records_size]), status: :created }
      else
        #验证码输入错误
        format.json  { head :not_found }
      end
    end

  end

  # POST /resource
  def html_create

    sv = SmsVerification.where(mobile: params[:user][:mobile], 
                        code: params[:code],
                        validated_at: nil,
                        created_at: (Time.now - 20.minutes)..Time.now).order(created_at: :desc).take

    if sv
      build_resource(sign_up_params)
      resource.save
      yield resource if block_given?
      if resource.persisted?
        if resource.active_for_authentication?
          set_flash_message :notice, :signed_up if is_flashing_format?
          sign_up(resource_name, resource)
          respond_with resource, location: after_sign_up_path_for(resource)
        else
          set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_flashing_format?
          expire_data_after_sign_in!
          respond_with resource, location: after_inactive_sign_up_path_for(resource)
        end
        sv.expire
      else
        clean_up_passwords resource
        set_minimum_password_length
        respond_with resource
      end
    else
      respond_to do |format|
        format.html { redirect_to new_user_registration_path, notice: '验证码输入错误' }
      end
    end

  end
end
